CrawlJobs Logo

Test Manager - Application Security & Penetration testing

nttdata.com Logo

NTT DATA

Location Icon

Location:
Malaysia , Kuala Lumpur

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

The Test Manager for Application Security and Penetration Testing will enhance the security posture of enterprise applications through hands-on penetration testing, secure code reviews, and vulnerability assessments. The Manager, Application Security is responsible for strengthening our enterprise application security posture. This is a hands-on individual contributor role responsible for performing penetration testing, secure code review, software composition analysis, container image assurance, and vulnerability assessments, as well as managing findings and supporting compliance with financial industry regulations. The role requires strong technical expertise, practical testing skills, and familiarity with regulatory requirements such as MAS TRM Guidelines and BNM RMiT Policy Document.

Job Responsibility:

  • Conduct penetration testing for web, mobile, and API applications
  • Perform secure code reviews, software composition analysis, and container mage assurance to identify vulnerabilities early in the SDLC
  • Perform vulnerability assessments for applications, middleware, and supporting systems
  • Utilise industry-standard tools such as Burp Suite, OWASP ZAP, Fortify, Checkmarx, Black Duck, Nessus, Aqua and Qualys
  • Triage, validate, and prioritise security findings from security assessments
  • Work with development, DevOps, and infrastructure teams to ensure timely remediation
  • Track and report remediation progress, ensuring closure within timelines required by regulatory instruments and Technology Security Standards
  • Provide guidance to developers and project teams on secure coding practices
  • Embed application security controls and tools (SAST, DAST, SCA, IAST) into CI/CD pipelines
  • Maintain security documentation and provide evidence for audits and regulatory reviews
  • Ensure compliance with internal policies, regulatory obligations, and industry best practices
  • Support audits, risk assessments, and regulatory inspections involving application security

Requirements:

  • Bachelor’s degree in information security, Computer Science, or related field
  • Professional certifications such as CREST, OSCP+, OSEP, or GPEN
  • 7+ years of IT security experience, with at least 4 years of direct experience in project-based and annual penetration testing for web, mobile, and API applications
  • Experienced in secure code reviews, software composition analysis, container image assurance, and vulnerability assessments
  • Strong technical knowledge of web, mobile, and API security, including OWASP Top 10 and common attack vectors
  • Hands-on expertise with security testing tools mentioned above
  • Working knowledge of MAS TRM, MAS Cyber Hygiene, and BNM RMiT requirements

Additional Information:

Job Posted:
January 26, 2026

Employment Type:
Fulltime
Work Type:
Hybrid work
Icon
NTT DATA - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Test Manager - Application Security & Penetration testing

Security and Application Security Engineer

Beacon Technologies is seeking a Security and Application Security Engineer. The...
Location
Location
United States , Las Vegas
Salary
Salary:
Not provided
beacontechinc.com Logo
Beacon Technologies
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of five years of Information Security experience with at least two years of application-level security
  • Strong communication skills: ability to convey and document security guidelines, requirements, and coding best practices
  • Familiarity with Security Best Practices in common coding languages
  • Application Penetration Testing / API Security Testing
  • Software Development Life Cycle Design and Implementation
  • Static and Dynamic Application Testing Tools and Methods
  • Container and orchestration security (Kubernetes, Docker, Octopus, GitHub, etc.)
  • Familiarity with Application Security Testing Frameworks such as OWASP
  • Strong logical and analytical thinker
  • exceptional skills in security systems solutions
Job Responsibility
Job Responsibility
  • Operate as a liaison between the Security Team and the Development Teams
  • Preserve PCI and SOX Security Certification programs with a primary focus on ensuring compliance with the appropriate industry standards and security controls
  • Supporting incident response and architecture review whenever applications security expertise is needed
  • Integrating threat modeling practices into the SDLC
  • Work with other staff to perform periodic scans and evaluation of system security including areas such as patch management, penetration testing, vulnerability assessments, and other types of InfoSec-related tasks
  • Assist in identifying and communicating security exposures, information security incidents or non-compliance situations to IT management or the CISO as appropriate. Duties may also include collecting and documenting cyber security and incident response event data as necessary.
What we offer
What we offer
  • Career advancement opportunities
  • extensive training
  • excellent benefits including paying for health and dental premiums for salaried employees.
  • Fulltime
Read More
Arrow Right

Engineering Manager, Offensive Security & Vulnerability Management

Robinhood’s Security Operations team is seeking a strategic and technical Senior...
Location
Location
United States , Menlo Park
Salary
Salary:
217000.00 - 255000.00 USD / Year
robinhood.com Logo
Robinhood
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in security
  • 3+ years managing technical teams in Offensive Security, Red Teaming, or Vulnerability Management
  • Strong technical foundations in adversary simulation, threat modeling, and vulnerability lifecycle management
  • Strategic thinking, translating offensive findings and vuln data into business risk language and operational improvements
  • Experience building and scaling automated security validation (e.g. Purple teaming, attack simulation, continuous testing frameworks)
  • Operating in complex challenging environments and networks
  • Influence across functions and driving remediation outcomes without direct authority
Job Responsibility
Job Responsibility
  • Lead the Offensive Security team in planning and executing red team operations, internal penetration tests, and adversary emulation campaigns
  • Oversee the Vulnerability Management team responsible for running our bug bounty program as well as continuous discovery, triage, and remediation of vulnerabilities across infrastructure, applications, and cloud environments
  • Define and drive the strategy for Autonomic Security Operations, investing in automated testing and validation pipelines that codify security knowledge and detection coverage
  • Partner closely with engineering, product, threat intelligence and detection & response stakeholders to ensure controls are continuously tested and vulnerabilities are effectively surfaced
  • Build processes, tooling, and dashboards to track and communicate vulnerability and control assurance metrics to stakeholder and leadership
  • Contribute to long-term security planning by identifying control gaps, operational bottlenecks, and opportunities to scale security through automation
What we offer
What we offer
  • Performance driven compensation with multipliers for outsized impact, bonus programs, equity ownership, and 401(k) matching
  • 100% paid health insurance for employees with 90% coverage for dependents
  • Lifestyle wallet - a highly flexible benefits spending account for wellness, learning, and more
  • Employer-paid life & disability insurance, fertility benefits, and mental health benefits
  • Time off to recharge including company holidays, paid time off, sick time, parental leave, and more
  • Exceptional office experience with catered meals, events, and comfortable workspaces
  • Fulltime
Read More
Arrow Right

Application Security Analyst

An application security analyst is a trained professional responsible for provid...
Location
Location
United States
Salary
Salary:
100000.00 - 115000.00 USD / Year
anntaylor.com Logo
Ann Taylor
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Education and/or Certifications in Computer Science, Information Systems, other related field, or equivalent work experience
  • 3-5+ years of IT work experience, with at least 2 years of experience working in Application security
  • Working experience with security testing tools (DAST, SAST, SCA)
  • Hands on experience with manual web application penetration testing (VAPT)
  • Proficient in Burp suite and Kali Linux tools
  • Experience on API testing
  • Knowledge of secure coding practices/frameworks such as OWASP, SSDF
  • Strong knowledge of application security principles
  • Knowledge on Threat Modeling and DevSecOps
  • Strong working knowledge of IT Security best practices
Job Responsibility
Job Responsibility
  • Conduct application security assessments to identify and mitigate security risks
  • Perform DAST scans for the internal and external applications
  • Conduct end-to-end Pentest engagement for E-commerce applications
  • Perform False positive analysis for vulnerabilities from scan results
  • Analyze the security risks and create vulnerability report with recommendations
  • Work collaboratively with cross-functional teams to identify and solve complex security problems
  • Work on ad hoc SAST scan requests and vulnerability analysis
  • Participate in incident response activities and provide technical guidance on security-related incidents
  • Develop and maintain technical documentation related to application security
What we offer
What we offer
  • Merchandise discount at select KnitWell Group brands
  • Support for individual development plus opportunities for career mobility
  • A culture of giving back – local volunteer opportunities, annual donation and volunteer match to eligible nonprofit organizations, and philanthropic activities
  • Medical, dental, vision insurance & 401(K)
  • Employee Assistance Program (EAP)
  • Time off – paid time off & holidays
  • Fulltime
Read More
Arrow Right

Application Penetration Tester

We are looking for security engineer who loves solving interesting problems and ...
Location
Location
Poland , Warszawa
Salary
Salary:
Not provided
https://www.bosch.pl/ Logo
Robert Bosch Sp. z o.o.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum 5 years of combined experience in penetration testing and security engineering roles
  • Professional certifications such as OSCP, CEH, CISSP, CISM, or equivalent
  • Advanced level of understanding of OWASP Top 10, CVE, general security controls, and other foundational topics such as the latest web application system exploits
  • Attacker mindset for breaking the websites with practical knowledge of OWASP
  • Commanding knowledge of VAPT concepts and best practices, including the requirements for WhiteHat/ethical hacking
  • Expert understanding of the difference between a vulnerability assessment and a penetration test in the context of assessment scope, objectives, and deliverables
  • In depth experience with common automated VAPT tools such as Nessus, Burp Suite
  • Proficiency with other common attack tools and frameworks such as Wireshark, Kali, Metasploit, etc.
  • Working knowledge of DevSecOps, CIS Security benchmarks, scripting languages (Python, PowerShell, Bash) for automation
  • Fluent English (both verbal and written)
Job Responsibility
Job Responsibility
  • Black-box and Grey Box penetration test applications
  • Security testing including reverse engineering of Mobile applications (Android and iOS)
  • Create innovative attacks tools/automations for project specific needs
  • Communicate complex vulnerability results to technical and non-technical audience
  • Perform research and contribute to open-source community on new attack methodology, vulnerability findings
  • Scope penetration tests and contribute to penetration test project management
What we offer
What we offer
  • Competitive salary + annual bonus
  • Hybrid work with flexible working hours
  • Referral Bonus Program
  • Copyright costs for IT employees
  • Private medical care and life insurance
  • Cafeteria System with multiple benefits (incl. MultiSport, shopping vouchers, cinema tickets, etc.)
  • Prepaid Lunch Card
  • Number of benefits for families (for instance summer camps for kids)
  • Non-working day on the 31st of December
  • Fulltime
Read More
Arrow Right

Application Security Engineer

In the HPE Hybrid Cloud, we lead the innovation agenda and technology roadmap fo...
Location
Location
India , Hyderabad
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Information Security, or a related field
  • 5+ years of experience in application security, including hands-on experience with security testing tools and techniques
  • Strong understanding of web application security concepts, including OWASP Top 10 vulnerabilities and secure coding practices
  • Experience with security testing tools such as Burp Suite, OWASP ZAP, and code analysis tools like SonarQube or Checkmarx, Snyk
  • Proficiency in at least one programming language (e.g., Java, Python, JavaScript) and ability to review and understand code
  • Familiarity with software development methodologies (e.g., Agile, DevOps) and their impact on security practices
  • Excellent analytical and problem-solving skills, with attention to detail
  • Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams
  • Certifications such as CISSP, CEH, or CASE (Java), or equivalent
  • Demonstrated ability to work independently and prioritize tasks in a fast-paced environment
Job Responsibility
Job Responsibility
  • Conduct thorough security assessments of applications, identifying vulnerabilities and weaknesses in code, architecture, and configurations
  • Collaborate closely with development teams to integrate security best practices into the software development lifecycle (SDLC) and ensure secure coding standards are followed
  • Perform regular security testing, including static code analysis, dynamic application scanning, and penetration testing, to identify and mitigate security risks
  • Analyze security incidents and provide timely response and remediation actions to mitigate potential threats
  • Develop and maintain security documentation, including security requirements, design documents, and security testing reports
  • Assist in the design and implementation of security controls and mechanisms to protect sensitive data and critical systems
  • Stay up-to-date with emerging security threats and industry best practices, and recommend security enhancements and controls accordingly
  • Provide security guidance and support to cross-functional teams, including developers, architects, and project managers
  • Participate in security reviews and audits, ensuring compliance with security policies, standards, and regulatory requirements
  • Collaborate with third-party vendors and partners to assess the security posture of integrated systems and applications
What we offer
What we offer
  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion
  • Fulltime
Read More
Arrow Right

Application Security Engineer

We are expanding our team to include a Security Engineer to be 100% focused on o...
Location
Location
United States
Salary
Salary:
175000.00 USD / Year
corporatetools.com Logo
Corporate Tools
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Solid fundamentals in webapp and network pentesting (2+ years)
  • 4+ years of professional experience in Ruby on Rails or equivalent and Vue or a Frontend equivalent framework
  • Experience with Linux and cloud environment testing
  • Understanding of security issues for desktop, virtual, cloud services and network infrastructures
  • Working knowledge of information systems security standards/practices (e.g., access control and system hardening, system audit and log file monitoring, security policies, and incident handling)
  • Experience with secure network protocols and encryption of communications between networked hosts
  • Experience in IT systems and security policies, standards, industry trends, and techniques
  • Experience with assessing APT threats, Penetration Testing, Vulnerability Management, attack methodologies, forensics analysis techniques, malware analysis, attack surface comprehension, Cyber Threat Emulation operations, Cyber Advanced Threat Emulation Team operations and research, identification, and/or verification of new APT TTPs
  • Fundamental understanding of security knowledge of testing mobile, native applications, web applications, distributed and database systems
  • Must be detail-oriented and possess strong problem-solving skills and ability to analyze for potential future issues
Job Responsibility
Job Responsibility
  • Understand and safely use various open source penetration testing tools and when appropriate, emulating hacker tactics, techniques, procedures
  • Create security vulnerability reports for both technical and executive audiences
  • While in-between assessments, you will be expected to help our security engineers think through solutions to problems you find
  • Automate tasks and script at a basic level to enhance penetration testing processes
  • Passion for learning new technologies and processes, and contributing to refining existing capabilities
  • Communicate with stakeholders (technical and non-technical), both verbal and written
  • Stay up to date on 0 day exploits for tech stacks we use
What we offer
What we offer
  • 100% employer-paid medical, dental and vision for employees
  • Annual review with raise option
  • 22 days Paid Time Off accrued annually, and 4 holidays
  • After 3 years, PTO increases to 29 days. Employees transition to flexible time off after 5 years with the company—not accrued, not capped, take time off when you want
  • Paid Parental Leave
  • Up to 6% company matching 401(k) with no vesting period
  • Quarterly allowance
  • Open concept office with friendly coworkers
  • Creative environment where you can make a difference
  • Trail Mix Bar
  • Fulltime
Read More
Arrow Right

IT Security Specialist

Amla Commerce is looking for an experienced IT Security Specialist to join our t...
Location
Location
United States , Milwaukee
Salary
Salary:
Not provided
amla.io Logo
Amla Commerce
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Information Technology, or a related field
  • Minimum 2 Years of relevant work experience
  • Proven experience in infrastructure security, manual penetration testing, vulnerability assessment, and web application security
  • Strong knowledge of penetration testing tools and frameworks, including Burp Suite, Owasp Zap, and Metasploit Framework
  • Familiarity with OWASP Top 10 vulnerabilities and best practices for securing web applications
  • Experience with IDS/IPS tools for monitoring and preventing intrusions
  • Familiarity with wireless/Wi-Fi security protocols, encryption standards, and best practices
  • Knowledge of network and system security protocols, technologies, and best practices
  • Strong problem-solving skills and ability to think strategically about security risks and solutions
  • Excellent communication and interpersonal skills to effectively collaborate with cross-functional teams and stakeholders
Job Responsibility
Job Responsibility
  • Conduct manual penetration testing of infrastructure systems, networks, and applications to identify security vulnerabilities and potential risks
  • Utilize various penetration testing tools such as Nmap, Nessus, Burp Suite, Owasp Zap, and Metasploit Framework to identify and exploit vulnerabilities
  • Perform vulnerability assessments using both manual approaches and vulnerability assessment and penetration testing (VAPT) tools like Nessus, OpenVAS, and Qualys
  • Collaborate with the development team to enhance the security of web applications by implementing secure coding practices and addressing OWASP Top 10 vulnerabilities
  • Configure and manage web application firewalls (WAF) to protect against common web-based attacks
  • Implement and maintain infrastructure firewalls, ensuring that proper configurations are in place to protect the network and systems from unauthorized access
  • Manage IP access control lists and handle blocking/unblocking requests as per security policies
  • Ensure compliance with SOC (Security Operations Center) standards and participate in audits and assessments
  • Provide end user system security by deploying and managing antivirus solutions, conducting security awareness training, and responding to security incidents
  • Stay up-to-date with the latest security threats, vulnerabilities, and industry best practices to proactively identify potential risks and recommend mitigation strategies
Read More
Arrow Right

Cybersecurity Manager

Cybersecurity is an always-on field, so you’ll stay advised of all the latest tr...
Location
Location
Luxembourg , Leudelange
Salary
Salary:
Not provided
https://www.soprasteria.com Logo
Sopra Steria
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in computer science or a relevant equivalent experience
  • +5 years of experience
  • English required
  • French required
  • Knowledge and experience of Security Audit
  • Forensics
  • Ethical Hacking or Penetration Testing
  • Infrastructure and Network Security
  • Security Architecture
  • Application Security Testing
Job Responsibility
Job Responsibility
  • Conduct threat analysis, risk management, and incident response
  • Implement firewalls and conduct vulnerability assessments
  • Ethical hacking and penetration testing
  • Collaborate effectively with other departments
  • Ensure assets meet security standards and maintain confidentiality
  • Project management and delivery
  • Resource management
  • Planning, execution, and oversight of projects
What we offer
What we offer
  • Access to Sopra Steria training and personal development academy
  • Company car lease or mobility budget
  • Company laptop and phone
  • Private health insurance coverage
  • Meal vouchers
  • Social security and pension plan
  • Competitive salary
  • 26 holiday days
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy